Tell HN: Using Gmail? You will be force logged into Chrome

532 points by ronilan ↗ HN
So, it turns out Chrome 69 is a lot more than just redesign of the tabs and removal of the www from the url.

I'm using the Mac version of Chrome (Version 69.0.3497.81 (Official Build) (64-bit) to be pedantic).

Up until two days ago, logging into gmail and logging into chrome were two different things, as they obviously are (one is a web service the other is a web browser, to be pedantic again)

I would usually be logged into gmail in the browser, but would only log into Chrome on special occasions and/or with specific accounts.

As of today, if I hit www.gmail.com and log in, I'm automatically logged into Chrome. If I log out of Chrome, I'm also logged out of gmail.

This can't be a bug... can it?

322 comments

[ 0.24 ms ] story [ 249 ms ] thread
Why on earth are you using chrome if you cared about that kind of stuff so much?

No,it isn't a bug. It has always been that on android,using chrome browser or the youtube app meant that whatever google account was used in play store is also used to log you into google both on on chrome,yt,maps,etc...

They just brought that feature to desktop,I suppose now you'll be logged into whatever google account last used?

This includes payment info you inputted on the play store or anywhere else.

What exactly is your concern,I can't imagine you'd expect boundaries and privacy to be a thing google would respect with any of their products. They say "don't be evil" but they're pretty wishy-washy and flexible as to what they consider evil. I'd equate complaining about privacy and boundaries with google and fb to complaining about the rude staff and unpleasant patrons in prison.

A lot of people use chrome because it has the best security according to a lot of experts, including here on HN. It’s reasonable to complain about a drift in functionality that spans the web to native gap in my opinion.
I wasn't saying don't use it. Just don't pretend the price you're paying for it is null. Chrome is the most (relatively) secure browser.
Really? Perhaps 10 years ago, but Chrome is pretty ok when it comes to security. This eval that is Google's top result in search [0] has them tied for 6 out of 9 (5.5) and Chromium is better for security.

[0] https://www.expressvpn.com/blog/best-browsers-for-privacy/

They avaluate both security and privacy in this article. The comment above was about security alone.
From that link you posted...

> Security: Google has always been known as a leader for browser security, and for good reason... All said, Google’s leading position in browser security is undisputed. 5/5

> It has always been that on android,using chrome browser or the youtube app meant that whatever google account was used in play store is also used to log you into google both on on chrome,yt,maps,etc...

That is setting up a system-global login, and having apps use it. That is very different, nearly opposite, from logging into a web page and having that intercepted and turned into a more global login.

They see chrome as the system/OS with users leaving it very rarely(chromeos is the ideal chrome setup). If you look at chrome as the OS and tabs/chromeapps as the apps,it makes sense.
Why is this a problem ?
One of many reasons: you may trust given computer with your gmail content, but you may not trust it with all your saved passwords. Silently bringing them all in there, if true, this is insanity from a security standpoint.
Will it force me to login to Chrome even if I've never created a Chrome account?
This kind of chicanery is the reason I won't use Chrome for anything but browsing Facebook.
You don't even need that, install Firefox and use their container for Facebook:

https://blog.mozilla.org/firefox/facebook-container-extensio...

Even better: Install Firefox and use nothing for Facebook.
That's not an option for everyone
Your live depends on facebook?
I love my relatives, and Facebook is how they communicate.
Don't they all have email addresses?

I'm not saying that you're entirely wrong, because I've used that rationalization for keeping Facebook in the past.

What I do instead is just maintain an address book of everyone I know and send them an update on my life every once in a great while. It's much more fulfilling.

How is that different from them asking me "don't you have a web browser?"

I'm already the black sheep of my family, I'm not going to make it worse because strangers on the internet told me to.

(I do take some precautions, like only using Facebook in a private window, and certainly never on my phone.)

If you want to live life by what your family thinks of you, by all means, do so. Respectfully, however, if you can't consider what strangers on the internet have to say, you're significantly limiting its usefulness to you.

I'll turn that hypothetical question you posed around and ask how saying that email isn't sufficient for keeping in touch is any different from saying "Who needs greeting cards? Just let Facebook tell you to post on someone's timeline when it's a birthday or holiday."

I'm not denying that Facebook has some utility, but it's changed our definition of keeping in touch to value mass quantity over quality. If one values quality communication, Facebook is completely unnecessary and can be replaced with email which is an existing, standardized, ubiquitous, and sufficient means of keeping in contact with people. Your family would be statistical outliers if almost all of them didn't have an email you could send to.

In conjunction with "your life depends on facebook?", I'm simply saying that while one can use Facebook, there is such a thing as a viable alternative with its own advantages. It's controversial, I know.

The life I've built depends on communication, and the people and groups I wish to communicate with mostly use FB.

The non-profit I volunteer with organizes everything over FB. The union I work under announces almost everything over FB. I literally never look at my FB "feed" but I've got 5 private groups that I check every day. If I stopped using FB, I'd be completely out of the loop with almost everything I do.

I suspect that's how a lot of the world operates. FB is free and easy and reliable and everybody already has an account. It lets people post text and photos and comments, and tag other people, and report when they've seen something. That's everything we used to use email for (and a bit more), but more convenient.

I got my first cell phone a couple months ago. It's a lot easier for me to live without a cell phone than to live without FB. No cell phone means I have to wait a couple hours to read my messages. No FB would mean I wouldn't get organization news at all.

Even for people who hate FB on principle, they've never suggested an alternative that meets our needs better today. Possibly Google's services could, but a significant number of people I know don't have Google accounts (or use Gmail), and the people who hate FB usually hate Google just as much. Possibly Yammer, but ditto everything (and Microsoft).

Decentralized social networks are a cool idea, but until FB starts breaking so bad that we're unable to communicate about our upcoming project, we have no reason to consider switching to anything else.

A while ago I switched to Vivaldi. I have never been happier with a browser.
Why do you like Vivaldi?

I'm using it but am fairly ambivalent.

I like the bookmarks, that I was able to customise it extensively, the sidebar is very useful and unobtrusive. I do like also that is based on chromium. All in all I feel like it has everything that other browsers have and just a bit more or a bit better.
Also the history view is a lot nicer than chrome, which is better than Firefox. Firefox's history pane is borderline unusable (search doesn't sort by last visit, it sorts by day and alpha or something weird like that).
If the view is set to "by last visited," Firefox's history searches are sorted by last visit. Maybe you had some add-on that changed the behavior.
I use Vivaldi because the CEO is Jon von Tetzchner. Here's a quote from him from a recent interview:

Q: Other browser companies tell us that too many options and features confuse users, and they remove or limit functionality based on that claim. Is that true in your opinion?

A: No. [...]

https://www.ghacks.net/2018/07/25/an-interview-with-vivaldis...

I didn't know this one. Love it.
I liked that they took the old Opera 12- spatial-keyboard-navigation paradigm.
Unfortunately Vivaldi inherits some of Chrome's bullshit, like if you want to print something it will try use Google's awful cloud print thing tied to your account.

It even has the flag for this account-consistency feature. Who knows if it will be enabled - would you even notice if it was?

Even though Vivaldi occasionally releases tarballs, the main browser is a proprietary product. See https://vivaldi.com/privacy/vivaldi-end-user-license-agreeme...
Last I checked, they still haven't had stabled cross-device tab sync.
I never use chrome except with gmail and other google services where I have an account. I think there's a market for this kind of systema.

I'm surprised anyone privacy minded still gets concerned about Google as they've been pretty open about everything since the launch of gmail. They give you free stuff in exchange for ads.

Chrome must send data, even if you aren't signed in. Google has a shadow profile for you anyway, so if you use chrome, you're logging to google.

> I'm surprised anyone privacy minded still gets concerned about Google as they've been pretty open about everything since the launch of gmail. They give you free stuff in exchange for ads.

They're open about the fact that they use your data but not as to how they use it. Even if they were, they have a high motivation to abuse it further and further since that is their business model.

Besides, I don't see how being open about invading your privacy makes it not invading your privacy.

Sub out Google/gmail with Facebook and see how that reads.

Can you provide a source for the shadow profile claim?
I had a separate Ask HN. Tracing some of the history, including Google Analytics that is mentioned in my essay/overview, is quite interesting.
It was a long essay, and I admit I skimmed it, but my main takeaway is: Google gon get ya, almost whatever you're doing.
I am trying to trace the problems back to Larry/Sergey though. I am thinking of getting rid of the malware part to make it a bit shorter BTW.
A typical tendency in distasteful projects: couple everything, remove choice. Make it one-size-fits-all.

Switching to Chromium.

I've posted this a few days ago, but I switched from Chrome to Chromium to Firefox to GNOME Web (aka Epiphany) and it's everything I wanted: a stable and mature WebKit browser for all users (not just tech workers) with Firefox sync integration and no Google bullshit.
(comment deleted)
Chromium has this behavior too, at least if you enabled the sync previously—and it's not new, it's been around for a long time, like a couple years or more.
This I can't reproduce with Chrome 69 on the Mac. I just logged into Gmail without being logged into Chrome. Or did I misunderstand something here?
I thought I had this experience years ago, I'm surprised this is only happening now.

I use an email app (just regular Mail on the mac) to access my Gmail. Your email is stored and synced locally so it is accessible offline, and you don't get these shenanigans. Also I use Firefox.

But let's be honest, even if you aren't logged in, and aren't using Chrome, at this point if Google is not recognizing you it is only because they are pretending not to. I'd bet they have a pretty good record of my internet activity.

What they mean is to log into the sync feature which is part of Chrome .
This happened to me yesterday on Windows too, to add another datapoint to your sample set.
The cynic in me thinks this is in anticipation of GDPR related challenges. Users that accepted a TOS are easier to track (at least, it's easier to mount a legal argument that some tracking and profile linking is ok) compared to users that never accepted anything at all.

next up: push for new standards that favor chrome over other browsers.

The gdpr agreement form on websites usually requires you to enable 3rd party scripts and cookies otherwise you get hit with endless popups about it. Someone should make a browser extension that automatically denies every gdpr popup.
In theory this is true, but Google almost certainly does that anyway using any number of alternate methods.
This causes a few other problems. For example I use Hangouts Chat (chat.google.com) on my Google Apps account, and I also have a personal gmail. Ever since the change I have to log out from my personal gmail to use Hangouts Chat, because it is looking at my Chrome account and telling me that I'm not part of the organization. I can't switch to the Google Apps account at all.
This is why setting up user profiles is handy in chrome. Keep one for work, one for home.
But being logged into your personal Hangouts and using the work Chrome at the same time does not seem to work anymore.
This is why it's handy to just use Firefox.
firefox's multiple profile support is crap. I actually do want multiple profiles that do things like sync passwords, bookmarks, extensions, themes across machines per profile. AFAIK firefox can't run multiple profiles at once
You can run multiple profiles at once in Firefox. I've been doing this for the better part of two decades with Mozilla browsers. You just need to add the no-remote option to your launcher.
Firefox has gained a feature called multi-account containers several releases back solving exactly this kind of problem in a slick way: Your tabs can be assigned to different accounts (represented by different colors/names/icons (which are configurable). Each account has its own cookies etc, allowing you to be signed in to any number of services while keeping them separated.

I use this feature heavily to separate different clients.

It's also the reason why Chrome/Chromium are now out of the question for personal use: Much to complicated to keep things separated.

But... Chrome has had this feature for MUCH longer than Firefox.
If you mean profiles, Firefox has had it even longer, albeit with poor UI.
Look I'm a contributor to Firefox and even I think it's a stretch to say that FF has multi-profile support. I mean the feature is technically there but it's unusable by everyone except FF nerds. It's a special kind of hell where something like

    FIREFOX_PROFILE_DIR=~/.profile1 firefox

    FIREFOX_PROFILE_DIR=~/.profile2 firefox
would actually be an improvement on the UX.
But it is that easy:

    firefox --no-remote --profile /path/to/profile/directory
You need to make one shortcut[0]:

  firefox --no-remote -ProfileManager
Then just click that every time you want a new/different profile. It has a list, with Create, Delete, Rename buttons...

I do wish -ProfileManager implied --no-remote though -- I wonder whether there's a reason it doesn't?.

EDIT: I just found `firefox -P` elsewhere in the thread. Also it seems like -ProfileManager does imply --no-remote now. Yay!

[0]: Or a shell script in my case, but a shortcut is probably more "accessible".

Chrome lets you have different accounts per window, which is nice. Firefox supports different accounts per tab, or the optional Facebook Container extension blocks communication to Facebook domains in all tabs outside of the Facebook container.
Every Google product I've seen has an account switcher, usually in the top right corner, with either your display image or a letter in a circle, this includes Hangouts Chat.
Yeah it switches me back to the chrome account when I access Hangouts chat. There's no way to switch and visit, or switch after visiting. It always reverts to the chrome account.
To think Google ( doubleclick ) and their competitors ( aggregate knowledge ) and others in that space arent already associating your browser history with your identity is a bit naive.
I hear that Brave and Proton mail are pretty good.
It probably is not a bug

Though "Chrome integration" with Google is pointless at best and an awful user experience.

I made the mistake of logging in w/ Google on Chrome mobile. Resulting in all my bookmarks being synced on the phone (because of course I want my desktop bookmarks on my phone. Obviously. Thanks Google). This is a mistake I'm not doing again.

Most people do want that, though. They literally want Google to sync everything for them. Makes sense to me, I don't see your POV to be super common, honestly, except maybe amongst the die hard tech people of hn and such.
In mobile I want/have the bookmarks that make sense for mobile usage. I believe this applies to most people.
Which is why there's a seperate folder in Google bookmarks for mobile bookmarks.
Not just Gmail, but I got logged out from other websites as well! [chrome 69, linux, ubuntu 16.04]
>Now Google can (potentially)

They could do this earlier too. Just needed more recources and still with lesser precision.

Someone else said 'your chrome account IS your google account' They are quite right. Google created an identifier that makes email as an id obsolete, and its called GAIA_ID. You can google it. Basically all of their services are keyed off on their universal gmail gaia_id but they planned on using this even beyond gmail but as a 'universal identifier' to track everyone on every service that interacts with google, such as tying the gaia_id to the apple id, facebook id

You guys really don't get it do you? Google is oceania, it's five eyes / cia-nato and they wanted to have a 'global identifier' to identify everyone on the planet. If they haven't already achieved it (likely they have) then it's something they're aiming for.

google is a technofascist information monopoly, and given that they've been cenosring people politically on youtube by demonetizing and deplatforming them, that should give you pause, in case your opinons 'just so happen to evolve with new information that disagrees with the reigning silicon valley biased cult of opinion called 'the establishment''

sorry I went political here, but software is becoming VERY political. Things in firefox break more and more every day, forcing you to use chrome. FF widevine support breaks all the time, oops there goes NETFLIX and HULU and AMAZON on your linux platform... this kind of thing. Google is widevine, so you better be politically aligned with google or else....no DRM check for you, no video for your customers

Only on Hacker News is the fact that a database has a primary key for user accounts evidence of a global conspiracy against humanity. Here's some bad news for you: literally every company with a website and user accounts has the same scheme.
Potentially? They already have. Now they’re just linking things because they’re wanting easier and convenient access as well as “terms of service” clarity.

I think it’s safe to say google etc don’t require cookies to track you. And they’ve already mapped out any secondary gmail accounts you have. And they have your complete browser history joined from all devices they’ve stitched into your shadow profile which you can’t delete or access. Incognito mode is only good for the little spy guy graphic.

This is the 21st century - all activity is logged for future sale.

You are not essentially logging into Chrome, well yes you are but only for local purposes and that's not so bad... the link is only local, it will not be syncing any data without your consent, it used to mean that.. and Google DID do very poorly presenting this version of their browser (proven by other posts here)
I can confirm on Windows, exactly the same behavior. I guess, it's time to start using Chrome account, never needed it, but whatever.
> to you so it comes off as a bit of a complaint for the sake of it.

People like you really rise my blood pressure. No, it's not important to him/her, bad defaults[1] are important for everyone because they are incorrect design. The correct design is not to synchronize anything before obtaining informed consent.

[1] https://en.wikipedia.org/wiki/Dark_pattern

I'm sorry that I raised your blood pressure, and I take your point that I could have worded it better. I (admittedly quite poorly) attempted to push OP to get more specific. That was my only intention.

I completely agree about the dark pattern and I think that's a really good point that I didn't consider at all in what I said.

However, my argument regarding Chrome is that Google carries out tracking so pervasive that it basically doesn't matter any more if they throw a dark pattern like this in the mix. I am still trying to come to terms with how banal this evil has become.

People like you really rise my blood pressure.

May I suggest that this is a very ugly, condescending, dismissive way of talking to anyone. The phrase has no place on a forum like HN.

> May I suggest

Perhaps your suggestion could be valid.

Since you pointed that out, what set me off primarily is similar sentiment when parent hinted that op might be arguing in bad faith with "so it comes off as a bit of a complaint for the sake of it". General dismissive attitude of HN to anything privacy related (like this thread getting downvoted) only exacerbates things further.

I wish I could just have multiple Chrome installs segregated from each other for different purposes.

I used to use Firefox for work and chrome for personal stuff. My new employer uses Google's business apps so it is easiest in Chrome....but that knocks out my two browsers at once system.

Often I'll need something I saved to drive (sample code, doc, something) or bookmarked in my personal account that suddenly was relevant to work.... swapping logins is a pain....

Use the --profile option
Your talking about just multiple logins like Google allows right?

I still have to switch back and forth and would rather keep both open.

You can have them open in different chrome windows simultaneously. I keep one widow with my personal login and another with my work account and it works fine.
Thanks I'll give it a try again.
You are fundamentally describing Firefox Containers. They are awesome and they work just like that, allowing you to have multiple independent sets of cookies for each context you need.
That sounds great! But if Mozilla follows the pattern they have set, they will discontinue that extension, just like they dumped Tab Groups, etc. So why should users invest in using it and building workflows around it, when it's probably just another rug to be ripped out from under them?
You can do exactly that with Chrome profiles, which associates the entire browser profile (avatar, cookies, bookmarks, history, etc) to a single account. This can also be an offline/local only account or tied to a google account to sync everywhere.

https://support.google.com/chrome/answer/2364824

On Mac, I keep separate Chrome windows for personal and work accounts. And I keep them in separate desktops, so I can easily switch using Ctrl-arrow.
Everything you do in chrome is called back to google servers. Even if you block cookies you can look at the network tab in dev tools and see it calling back; also it sends the links you click on to a malware check service (you know, safe browsing) that server tracks everything you click on: no cookies needed; there are also endpoints for transmitting your urls for 'quality of service' (to optimize bandwidth), that tracks, and then all the performance data called bakc to the google servers could potentially have your data steganographically included in that data

There are many things that chrome is doing that are dubious, quasi legal

one thing they could be doing is a kind of reverse beacon or barium meal beacon where they generate a unique code and steganographically insert that as an overlay into images...you won't see the difference when your webpage loads the image, but then some javascript will send that image back to a server, and there you ahve a cross site tracking mechanism. This concept has been used in browser fingerprinting, but now that has evolved with html5 with the canvas tag which generates unique ids and sends that back in order to track your browser everywhere around the internet without needing cookies or websocket sessions or any other newer session mgmt mechanism

Note that the Safe Browsing service is also used by Firefox. If you interact with a CA or some other services they may also use it to check that a domain does not have a history of malicious activity.
"Google calls the feature "Identity consistency between browser and cookie jar" and a Chrome representative on the official Google Chrome Help Forum confirmed that this is the intended behavior.

>This is an intended behaviour if you are using the same Google Account for your Gmail and Chrome. If yes, you'll be signed out of Chrome when you signed out of Gmail account.

...

Good news is that it is possible currently to disable the feature. Doing to breaks the link between the Google Account in Chrome that is used to sync data and Google accounts on Internet sites.

Note: Google may remove experimental flags like the one described below at any time. As long as it turns up when you run the steps below it is supported.

Here is what you need to do:

1. Load chrome://flags/#account-consistency in the browser's address bar. Google Chrome should display the flag Identity consistency between browser and cookie jar at the top.

2. Set the flag to disabled with a click on the menu and selecting disabled from the context menu.

3. Restart the Chrome browser.

Chrome breaks the link between the Google account in Chrome used to sync data and Google accounts that you sign in using the browser on Google sites."

https://www.ghacks.net/2018/09/08/disable-the-sign-out-link-...

Alternatively just get Firefox, use https://ffprofile.com/ once, and stop dealing with Chrome.

Ta-da, no more spyware.

Yes, this move is a deal breaker. Defaults matter, so I'm switching to Firefox.
I just did the same. After having used chrome since pretty much version 1.
Calling that behavior "spyware" is a bit of a stretch.
Why? Because it’s google? I get no advantage out of the feature, and it primarily serves to gather data on me. To me, that’s spyware.
Personally, I'm going to sign into both anyway. One less thing to sign into saves me time. That makes me happy. I dunno if I'm in the minority or not. But, it's a feature that at least some people find useful, so, I think branding it spyware is unjustified. It's not like it's a keylogger sending my data to who knows where which no reasonable person could ever find useful.
I use Gmail at work. I don’t want it to auto log me in.
That's fair. Saying it's a feature you don't like is reasonable. IMO, calling it spyware is too much.
I'm curious what the privacy implications are with having a work managed gmail account. While I know that in many cases the 'employer managed gmail' can be read by the employer, it isn't clear whether this also applies to bookmarks and other stuff. Recently chrome has started associating bookmarks with gmail/google accounts (if you are logged into that account) which I have never heard of a browser doing before. Pretty lame if you ask me, and it is spyware.
Besides possible privacy issues one major problem with google accounts is that google doesn't work with "accounts". It works with "people" or "corporations". So if they think that corporate account X and private account Z are actually same person (decided by some obscure algo) they will link them in their DB and in case of any infraction, real or not, they will hellban both of them. And as we know there is no such thing as human support or appeal process with google. Don't use your private accounts anywhere where they might be linked, not even for password restore field. There are already enough horror stories about people losing gmails, youtube channels and so on, forever.
Every browser that offers "sync" (which includes Forefox) must associate your browser data with your account.
Personally I think auto login should be opt in and never a default or requirement.

Specially when it's Google. They are super creepy and facilitators of a future where users have zero privacy but don't have the intelligence to care about it.

So, Google is making people stupider? Thank goodness we have you here to warn us with insightful analysis such as Google is "super creepy"!
I also warn kids about not following men giving them candy.

To me it's obvious, to others it's not. Just look at Google usage. They are absolutely creepy.

Google does some things that I think are very cool. Google does some things I don't think are so cool. None of the things that Google does, however, can in any way be compared to the things that a child rapist does. Making that comparison is wrong.
Your anecdote is a sample size of one that shouldn't be extrapolated from.

Personally having my entire browsing history linked to my name and sent off to a company for analysis and profit is a concern, and this is a deal breaker for me. As such I will no longer be using Chrome as my default browser.

Your anecdote is a sample size of one that shouldn't be extrapolated from. Right back at you.
People similarly dismissed concerns about information Facebook was sharing with third party apps that seemed to just provide quick entertainment like "the which celebrity are you most like quiz!" Years later, it turned out to be part of a massive data-mining operation meant to get information about voters.

You could point out reasons why this isn't the same thing, but you'd be missing the point. I, as an individual, can't fully assess the privacy impact of every single piece of technology I use, and what seems to be a benign feature backed by a corporation I trust could be anything but.

That being the case, we need to adopt certain heuristics to help defend our privacy. Granting as few permissions as possible for applications we use, and avoiding using a single identity across all of our devices is a good way to mitigate that risk.

Are you an individual that is willing to reduce your privacy a bit for added convenience? That's perfectly fine. But the ethical thing for Google to do would be to make this an opt-in feature, rather than an opt-out. The fact that they made this browser/Google Account sync the default was no accident. They want to gather more data on their users, and know if their users were stopped and prompted to think about whether or not they actually wanted this convenience, they would have less participating users. So they've made the unethical choice, and made this an opt-out feature.

Thanks for the site tip, I will use that site from now on.
1. Less than 1% of the users are going to both hear about and understand those instructions.

2. Google can say >99% of users "prefer" the new setting.

3. Tighten the lock-in.

You assume that the feature will result in some net benefit for Google (at some potential expanse to users/public) but there's no such guarantee.

Historically, the great Google products are made from scratch (or bought early) and stand by themselves. Their not-so-good products or features are the result of some elaborate corporate thinking that comes out under phrases like "Identity consistency between browser and cookie jar".

So, while they (may) think it tightens the lock-in, it (may) actually end up doing the opposite and be a disservice to everyone.

Why is it harmful to log in once to both apps that use the same account in the same browser?

Gmail and Calendar already share the same login. Is that hurting anyone?

Multiple users may use the same browser/devices but different Gmail accounts.

Even ignoring the (many) privacy implications, this causes problems for syncing across devices. Lets say I share a computer with my partner, but we have separate phones. Should I need to check which Gmail account is logged in before bookmarking something? Why can't we share a Chrome profile across those 3 devices while still maintaining separate Gmail accounts?

If you share a computer with someone else, each of you should have your own user accounts. Then each user account will have its own profile data, including which accounts are logged in.
Not sure why you're being so harshly downvoted, Chromium and derivatives have pretty solid profile switching. Doing this would actually be less work than signing out/in to other accounts.
It doesn't solve the problem I brought up - I was asking how to avoid switching profiles if I was sharing one between multiple people. GP's suggestion was to switch profiles.

Suppose I and my partner want to be able to bookmark something and have it show up on both of our phones. Is there a way to do that without sharing a Gmail account? That seems like a pretty common use case to me that was pretty easy to do before Chrome tied them together.

On Firefox, that use case would be trivial. You just sign all your browsers into one account and then use the web normally like you've always done.

> GP's suggestion was to switch profiles.

No, my suggestion was to create separate user accounts on the shared computer for each person--i.e., each person logs in to the computer with their own user account. That would make all of the website logins separate for each user, without anyone having to switch profiles in their browser.

However, I apparently misunderstood your problem; you don't want everything separate, you just want gmail separate while still sharing Chrome profiles. You're right that my suggestion won't solve that problem.

> Multiple users may use the same browser/devices but different Gmail accounts.

Why would they use the same browser logon. Sure they might use the same be, sure, they might even not use a different user account on the computer, but your are suggesting that they would use the same Google account to log into the browser yet different Google Accounts to log into Google.

That seems improbable, and likely to have unintended privacy implication that account consistency would mitigate rather than exacerbate.

The most likely approach there is not to "log into the browser" at all. I don't, I have separate profiles on every system.
My parents share computer accounts; heck, they even share bank accounts. It is not implausible to me that you'd want to have separate emails, but also want all of your bookmarks to sync across multiple devices regardless of who they belong to.

The privacy implications here are in regards to stuff like Google stripping search terms off of urls from competing services. Caring about that doesn't mean you will necessarily care about hiding search history from your partner. Even with syncing passwords -- both of my parents know how to log into each other's Gmail accounts. Anecdotally, that is relatively common for older generations; sometimes they'll even ask each other to check their email if a computer isn't nearby.

If you have sync turned on in that scenario, you are going to end up with bookmarks and passwords that randomly disappear depending on who was logged into what when they were added.

And sure, you can get around that by just not using sync. The privacy implications are still worse in that situation, because you no longer have a choice not to log into Chrome. But even if you don't care about that, it still seems like a strict downgrade in functionality. You lose the ability to sync bookmarks between computers and you lose the ability to easily share logins.

The response to, "hey, you made this feature less useful!" probably shouldn't be, "well, but you won't notice if you just stop using it." It's hard to make that sound like an upgrade.

Because a lot of us have a work Gmail account and a personal Gmail account.
Sure, and this would just result in two separate profiles in Chrome.
I don't want to be switching between profiles. I want to be able to see my personal Gmail and my work Gmail, and only sync up my work profile. Or alternatively, I don't want to sync.
> Is that hurting anyone?

It's actually hurting me: I'd like to be able to sign into YouTube on an untrusted device without signing into Gmail at the same time.

(comment deleted)
why sign into an untrusted device in any way without two factor authentication and incognito mode enabled?
It appears this only breaks part of the connection. I removed all Chrome data, created a new profile, activated that flag, signed into YouTube.

While I'm not signed into the browser, it has lifted my Google Account profile image into the browser, so it's still doing some sort of "consistency". It's clear the browser still knows my Google Account.

Image: https://imgur.com/hrEwPqX.png (Note, I confirmed that the about:flag "Identity consistency..." is set to Disabled before/after this screenshot again.)

I continue to be thrilled that I moved back to Firefox around Quantum.

After following these steps, the browser says it's no longer logged in, BUT I still see my Google Account image on the top right of the browser. It's still doing some sort of syncing between my Google Account and my browser. This is too much of a breach of trust, I'm done with Chrome
Just tried this and it doesn't work.